CVE-2017-13318

In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt